Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
File:                     PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft (raw, json)
Hash identifier:          4m1DyhHVZlqQv94XmmvI2fNo9LyP/wBmZIAIHvIYgfA=
Subject key identifier:   4A:DD:98:FC:C9:FA:00:8F:89:39:8D:2E:9C:4A:65:AC:39:6F:18:A6
Authority key identifier: 3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97
Certificate issuer:       /CN=3c1415421685ace3682f161d310d92726cdfb097
Certificate serial:       019A28561B1DCC47D8C0C4C1749C94101FA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
Manifest number:          16F5
Signing time:             Tue 28 Oct 2025 01:02:02 +0000
Manifest this update:     Tue 28 Oct 2025 01:02:02 +0000
Manifest next update:     Wed 29 Oct 2025 01:02:02 +0000
Files and hashes:         1: PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl (hash: KuE4QzreJkVERqjmNiWPVINQs6UzSW/AjAtEabNlDUs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 Oct 2025 01:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:28:56:1b:1d:cc:47:d8:c0:c4:c1:74:9c:94:10:1f:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c1415421685ace3682f161d310d92726cdfb097
        Validity
            Not Before: Oct 28 01:02:02 2025 GMT
            Not After : Oct 29 01:02:02 2025 GMT
        Subject: CN=4add98fcc9fa008f89398d2e9c4a65ac396f18a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9c:e4:24:f7:a2:b7:88:db:62:39:d5:e1:d7:
                    88:c3:53:c0:0a:40:08:f5:17:b8:e7:d8:35:1b:8e:
                    e0:2e:d2:0f:da:59:fe:5f:46:d0:cc:3e:6a:a4:bc:
                    29:06:1f:28:be:17:fd:36:b6:ff:c6:74:10:90:b9:
                    a4:60:25:fa:28:67:7b:ce:1d:73:47:9b:0b:d2:a9:
                    76:d7:e8:5c:d7:7c:a2:5c:6f:3c:70:a8:90:6b:93:
                    5d:a7:86:46:17:29:b6:99:8b:48:7e:20:4f:75:dd:
                    d0:e7:bf:83:95:76:e6:65:d2:08:e6:f5:eb:5e:81:
                    dd:0f:5c:0a:92:6e:06:c0:1c:e2:41:2e:71:fe:14:
                    22:fa:1c:0d:cf:e6:41:5f:a6:e6:a4:d5:4e:b5:bc:
                    6f:aa:f5:3a:1c:1e:5f:6b:69:cb:f4:ad:82:7a:8c:
                    53:8a:83:35:d0:a8:6b:d4:dd:cc:a3:93:d8:64:6f:
                    09:c0:2f:ca:e7:f8:70:67:00:7f:f4:49:11:d4:6b:
                    c4:5c:9a:54:04:2d:b8:de:20:2c:2d:db:55:d9:88:
                    c3:58:20:91:26:54:6c:1c:88:d2:16:30:8d:a4:bb:
                    95:37:05:66:a2:8f:e1:0e:09:c2:2b:22:86:c9:3a:
                    36:e5:b7:05:9c:27:75:2e:e2:e3:f9:02:82:8f:58:
                    f3:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:DD:98:FC:C9:FA:00:8F:89:39:8D:2E:9C:4A:65:AC:39:6F:18:A6
            X509v3 Authority Key Identifier:
                keyid:3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:c7:40:f8:28:c0:27:e0:00:5a:9e:a7:40:c9:7c:25:92:67:
         d2:d2:59:e4:c5:24:75:51:fe:f3:1f:f0:fc:4b:e9:f1:fe:82:
         98:53:68:53:2e:cb:27:80:8e:d9:7a:10:ea:1f:69:12:cb:36:
         1c:20:cd:54:f5:89:f8:ea:44:d0:36:e9:6d:79:8b:d0:8b:f1:
         79:94:2c:4f:99:44:7d:eb:11:4c:57:96:2a:53:33:3b:1b:b9:
         5c:55:2f:92:e8:b0:6b:cb:a9:79:6d:bf:c9:5f:a1:e5:f6:a5:
         f3:8d:a9:3a:47:c3:fc:53:fd:9e:ea:bc:d0:7f:61:89:19:0b:
         fd:9c:4d:c8:a5:b9:2e:c8:65:d0:3b:6a:7b:88:ce:a4:52:1d:
         21:e7:46:62:03:1d:65:7f:91:a1:76:8a:8c:bd:d4:3f:2b:42:
         2e:5c:e5:4b:73:6c:77:2d:ee:e4:c5:3a:bb:56:7c:6f:55:fd:
         d7:8f:c5:90:4d:1a:d1:ac:9e:26:9c:d5:e0:38:90:6b:4b:8f:
         5d:6b:a0:4d:46:fd:30:1f:02:52:99:48:49:07:9c:c3:5a:f2:
         bc:47:43:a4:2c:8d:64:f4:9c:d7:fd:25:6a:2b:3f:35:fe:35:
         e8:07:06:9c:99:18:ae:b1:81:85:c0:dd:d5:16:f8:43:6a:12:
         ff:3a:a8:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZooVhsdzEfYwMTBdJyUEB+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTQxNTQyMTY4NWFjZTM2ODJmMTYxZDMxMGQ5MjcyNmNk
ZmIwOTcwHhcNMjUxMDI4MDEwMjAyWhcNMjUxMDI5MDEwMjAyWjAzMTEwLwYDVQQD
Eyg0YWRkOThmY2M5ZmEwMDhmODkzOThkMmU5YzRhNjVhYzM5NmYxOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJzkJPeit4jbYjnV4deIw1PACkAI
9Re459g1G47gLtIP2ln+X0bQzD5qpLwpBh8ovhf9Nrb/xnQQkLmkYCX6KGd7zh1z
R5sL0ql21+hc13yiXG88cKiQa5Ndp4ZGFym2mYtIfiBPdd3Q57+DlXbmZdII5vXr
XoHdD1wKkm4GwBziQS5x/hQi+hwNz+ZBX6bmpNVOtbxvqvU6HB5fa2nL9K2CeoxT
ioM10Khr1N3Mo5PYZG8JwC/K5/hwZwB/9EkR1GvEXJpUBC243iAsLdtV2YjDWCCR
JlRsHIjSFjCNpLuVNwVmoo/hDgnCKyKGyTo25bcFnCd1LuLj+QKCj1jz5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErdmPzJ+gCPiTmNLpxKZaw5bximMB8GA1UdIwQY
MBaAFDwUFUIWhazjaC8WHTENknJs37CXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgt
MWUxMjI4MzhhMTExLzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgtMWUxMjI4MzhhMTEx
LzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApMdA+CjA
J+AAWp6nQMl8JZJn0tJZ5MUkdVH+8x/w/Evp8f6CmFNoUy7LJ4CO2XoQ6h9pEss2
HCDNVPWJ+OpE0DbpbXmL0IvxeZQsT5lEfesRTFeWKlMzOxu5XFUvkuiwa8upeW2/
yV+h5fal842pOkfD/FP9nuq80H9hiRkL/ZxNyKW5Lshl0Dtqe4jOpFIdIedGYgMd
ZX+RoXaKjL3UPytCLlzlS3Nsdy3u5MU6u1Z8b1X914/FkE0a0ayeJpzV4DiQa0uP
XWugTUb9MB8CUplISQecw1ryvEdDpCyNZPSc1/0lais/Nf416AcGnJkYrrGBhcDd
1Rb4Q2oS/zqopQ==
-----END CERTIFICATE-----